I work for a midsize manufacturing company that is growing and would like recommendations on a patch management (Windows and 3rd party updates) and software install product. I'll outline the requirements below. The product would be used for 300+ Windows 10 Pro client machines and potentially for managing our server patches, but the client machines are the most important. One challenge is that about 50% of our clients are remote and will not phone home (VPN in) to our corporate network.

Requirements:

Must work for remote clients that are internet connected, but not connected to the corporate network

The easiest way to manage your endpoints would be WSUS and 3rd
party patch management solution like the already mentioned Ninite and Comodo.
But you will struggle with your mobile endpoints without VPN access.

Our baramundi Management suite can manage your enpoints in
your local network and your mobile endpoints. (A gateway service will
communicate with the mobile endpoints) You can use our modules Deploy (Software
deployment), Managed software (3rd party Patches), Windows patch
management and Inventory for software and hardware inventories. You can install
the server software on premise or in your private cloud and it is an agent-based architecture.

The setup is very easy and with your 300+ Clients, this
solution will save you a lot of time. ;)

OP, you should check out AVG Managed Workplace, which offers features you are looking for in one integrated solution :) Including patch management, asset management, security analysis, remote access, etc.

It's free to try out and my team is happy to answer any questions you have or come up with.